Re: nf_conntrack_sip howto ?

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: "SŽébastien Cramatte" <scramatte@zensoluciones.com>
Cc: netfilter@vger.kernel.org
Subject: Re: nf_conntrack_sip howto ?
Date: Fri, 06 Jun 2008 16:17:01 +0200	[thread overview]
Message-ID: <484946DD.7060103@trash.net> (raw)
In-Reply-To: <4849416C.70104@zensoluciones.com>

SŽébastien Cramatte wrote:
> Hello
> 
> I'm search for an howto or any docs to use "nf_conntrack_sip".
> I've build a traffic shapper and I want to classify  SIP, IAX and RTP 
> traffic.

First, you probably want to use the version in the current -rc
kernel, which includes lots of bugfixes for proper parsing and
more complicated scenarios involving multiple endpoints.

The module has two parameters you might need to change:

- sip_direct_signalling:expect incoming calls from registrar only 
(default 1) (int)

Controls whether incoming calls are only coming from the
host that you REGISTER with, or from anywhere. In the
later case the expectation for incoming calls is created
with a wildcard source. With normal SIP telephony providers
usually not necessary.

- sip_direct_media:Expect Media streams between signalling endpoints 
only (default 1) (int)

Same thing for RTP streams. This one you often do have to
set to 0, for example when the SIP providers uses load-
balancing or has agreements with other providers to route
RTP directly between endpoints.

Matching on SIP is simple (-m udp --dport 5060). RTP can
be matched on using "-m helper --helper sip". Using marks
you can use this information for TC classification.

     prev parent reply	other threads:[~2008-06-06 14:17 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-06-06 13:53 nf_conntrack_sip howto ? SŽébastien Cramatte
2008-06-06 14:17 ` Patrick McHardy [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=484946DD.7060103@trash.net \
    --to=kaber@trash.net \
    --cc=netfilter@vger.kernel.org \
    --cc=scramatte@zensoluciones.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox